Don't hardcode the HPKE cipher
This commit is contained in:
parent
72a354caf9
commit
d5e9ed3aa9
|
@ -1,8 +1,6 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/aes"
|
|
||||||
"crypto/cipher"
|
|
||||||
"crypto/subtle"
|
"crypto/subtle"
|
||||||
"encoding/binary"
|
"encoding/binary"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
@ -157,12 +155,7 @@ func (q ODoHQuery) decryptResponse(response []byte) ([]byte, error) {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
block, err := aes.NewCipher(key)
|
cipher, err := q.suite.NewRawCipher(key)
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
aesgcm, err := cipher.NewGCM(block)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -175,7 +168,7 @@ func (q ODoHQuery) decryptResponse(response []byte) ([]byte, error) {
|
||||||
ct := response[5+int(responseNonceLength):]
|
ct := response[5+int(responseNonceLength):]
|
||||||
aad := response[0 : 3+int(responseNonceLength)]
|
aad := response[0 : 3+int(responseNonceLength)]
|
||||||
|
|
||||||
responsePlaintext, err := aesgcm.Open(nil, nonce, ct, aad)
|
responsePlaintext, err := cipher.Open(nil, nonce, ct, aad)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue